[Tailscale-native] update 1.42.0 before new APKG under validation (Asustor)

Native port (no docker) of tailscale VPN client / server
A frustratingly simple VPN.
Tailscale lets you easily manage access to private resources, quickly SSH into devices on your network, and work securely from anywhere in the world.

Moderator: Lillian.W@AST

Post Reply
User avatar
father.mande
Posts: 1810
youtube meble na wymiar Warszawa
Joined: Sat Sep 12, 2015 2:55 am
Location: La Rochelle (France)

[Tailscale-native] update 1.42.0 before new APKG under validation (Asustor)

Post by father.mande »

Hi,

A new security version of tailscale is available for update : 1.38.4
New autogroup values
autogroup:admin, autogroup:it-admin, autogroup:network-admin, and autogroup:owner added as autogroups
Apr 6, 2023
Machine address copy card
Click on a machine’s IP address in the Machines page of the admin console to display a machine address copy card. Within the machine address card, click to copy the MagicDNS name, IPV4 address, or IPV6 address of the machine to your clipboard.
Apr 5, 2023
Tailscale v1.38.4

ALL PLATFORMS
Build with Go 1.20.3 to address security fixes (CVE-2023-24537, CVE-2023-24538, CVE-2023-24534, and CVE-2023-24536). These address potential DoS attacks against DNS over HTTPS and Funnel that can occur over the public internet, and PeerAPI attacks launched from other nodes already on the tailnet.
Added path support for proxy targets with tailscale serve
Error displays when trying to use Funnel and tailscale up --shields-up simultaneously
WINDOWS
When connected to a Windows 10 client using Windows RDP, the Tailscale taskbar right-click option for the remote client works as expected (#7698)
Apr 4, 2023
Audit log events for Member users
“Log in using the web interface” and “Log out using the web interface” are logged as Configuration audit logging events for the Member user role. These events differentiate logins f
Please update using internal update script, or just wait to Asustor to validate the new APKG in AppCentral (deposit today)

Philippe.
AS6602T / AS5202T /AS5002T / AS1002T / FS6706T
User avatar
father.mande
Posts: 1810
Joined: Sat Sep 12, 2015 2:55 am
Location: La Rochelle (France)

Re: [Tailscale-native] update 1.40.0 before new APKG under validation (Asustor)

Post by father.mande »

Hi,

A new IMPORTANT (for Linux) update is available for tailscale
As usual using tailscale_mngt update you can update the APKG immediately without waiting for a new APKG

IMPORTANT ... Linux performance and throughput are drastically improved : https://tailscale.com/blog/more-throughput/

changelog :
Apr 28, 2023
Search Domains
Use Search Domains to configure DNS for accessing network resources without having to specify the full domain path (beta)
Apr 27, 2023
Audit log events for Log streaming
“Create logstream endpoint for tailnet”, “Update logstream endpoint for tailnet”, and “Delete logstream endpoint for tailnet” are logged as configuration audit logging events for Log streaming
Log streaming

Use Log streaming to stream configuration audit logs and network flow logs to a security information and event management (SIEM) system (beta)
Apr 26, 2023
Tailscale v1.40.0

ALL PLATFORMS
tailscale up --force-reauth will now display a warning and 5 second countdown if you are connected over SSH over Tailscale, unless --accept-risk=lose-ssh is also given
Tailscale now dynamically increases the buffer size for DERP relay messages based on the amount of available RAM (#7776)
Improvements were made to how Tailscale advertises available endpoints to reduce the likelihood of a spurious loss of direct connections (#7877)
LINUX
Substantially higher throughput—for details, see Surpassing 10Gb/s over Tailscale
Improved CPU consumption on systems with a very large (1M+) routing table
WINDOWS
Redo migration of pre-Fast-User-Switching state for better robustness
MACOS
“Settings” replaces “Preferences” as a menu item on macOS Ventura
ANDROID
Added intents com.tailscale.ipn.VPN_CONNECT and com.tailscale.ipn.VPN_DISCONNECT
GOKRAZY
Tailscale SSH now works
QNAP
UI failure after reboot
Apr 24, 2023
Machines page updates
The Machines page of the admin console has been updated to use Version as a column heading instead of OS, and to show the Tailscale client version prior to the operating system name
I will add new APKG in AppCentral ... shortly.

Philippe.
AS6602T / AS5202T /AS5002T / AS1002T / FS6706T
User avatar
father.mande
Posts: 1810
Joined: Sat Sep 12, 2015 2:55 am
Location: La Rochelle (France)

Re: [Tailscale-native] update 1.40.1 before new APKG under validation (Asustor)

Post by father.mande »

Hi,

A new update is available for tailscale 1.40.1 ... Linux is impacted by new SSH recording and support for LDAP user
As usual using tailscale_mngt update you can update the APKG immediately without waiting for a new APKG

IMPORTANT ... Linux performance and throughput are drastically improved (1.40.0+) : https://tailscale.com/blog/more-throughput/
May 11, 2023
SSH session recording

Use Tailscale SSH session recording to stream Tailscale SSH session logs to a designated node in your tailnet (beta)
May 10, 2023
Tailscale v1.40.1

LINUX
Tailscale SSH is now supported for LDAP users
Support for Tailscale SSH session recording to a local file is restored
Debian and RPM packages for MIPS architecture generate as expected
WINDOWS
Notification icons are updated
The 32-bit Windows installer for the Tailscale client works as expected
MACOS
tailscale cert command no longer causes timeout failures
KUBERNETES
The Tailscale version displays in the startup logs
New APKG including new iptables modules updated for arm64 series will come soon (I hope)
REMEMBER it's always possible to manage update through cron ... so you have not to wait (for the information) no more to do it yourself ... belter for 24/24 7/7 running NAS.

Philippe.
AS6602T / AS5202T /AS5002T / AS1002T / FS6706T
User avatar
father.mande
Posts: 1810
Joined: Sat Sep 12, 2015 2:55 am
Location: La Rochelle (France)

Re: [Tailscale-native] update 1.42.0 before new APKG under validation (Asustor)

Post by father.mande »

Hi,

A new update is available for tailscale 1.42.0 ... Linux is not really impacted ... getent is provide by A.D.M.
As usual using tailscale_mngt update you can update the APKG immediately without waiting for a new APKG

IMPORTANT ... Linux performance and throughput are drastically improved (1.40.0+) : https://tailscale.com/blog/more-throughput/

Please update, I need some time to create new APKG due to a lock of my dev. NAS (don't play with ip rule ... if your have big fingers :roll: :roll: :mrgreen: and press by error ENTER after a ip rule del ... NAS is running, but don't accept any connection at all ... so only button solve your problem ... but button is at 600 km ...)
May 25, 2023
Tailnet lock UI changes
Manage tailnet lock from the Device management page of the admin console, when enabled (alpha)
Improved UI for tailnet lock settings in the Machines page of the admin console
May 24, 2023
Tailscale v1.42.0

Note: This is the last release to support the following operating systems:

• Microsoft Windows 7
• Microsoft Windows 8
• Microsoft Windows Server 2008
• Microsoft Windows Server 2012
• macOS 10.13 High Sierra
• macOS 10.14 Mojave

Tailscale releases after 1.42.0 will no longer install on these operating systems, though we expect to maintain forward compatibility and critical security updates for 1.42.0 with future releases until at least May 31, 2024.

ALL PLATFORMS
tailscale serve reset command to clear out the current serve configuration
Update internal DNS handling to better support mixtures of global and private DNS servers
LINUX
SSH login on platforms which lack getent
WINDOWS
Note: This release switches to a new application signing certificate, which is valid through 2025.

Notification icons are updated
MACOS
Update Sparkle to check more regularly
Taildrop delivery of incomplete files
IOS
Delete Account button to redirect to the admin panel
Better handle memory management to avoid hitting 50 MByte memory limit
UNRAID
Support Unraid as a NAS platform similar to how Synology and QNAP are handled
KUBERNETES
Support for priorityClassName
May 22, 2023
ACL tags are lowercased
ACL tags for auth keys created via API are lowercased
Custom OIDC GA

Custom OIDC providers (generally available)
Use a custom OIDC provider for authentication to your tailnet
May 16, 2023
Discord and Mattermost supported as webhook destinations
Webhook events are available in formats for Discord and Mattermost
Philippe.
AS6602T / AS5202T /AS5002T / AS1002T / FS6706T
Post Reply

Return to “Tailscale-native”